Windows 7 KB4338818, KB4338823 fixes major security issues

Windows 7 received two new updates on Patch Tuesday: monthly rollup KB4338818 and security update KB4338823. Both target major security issues and DNS bugs. Speaking of security issues, it is worth mentioning that these patches fixed the Lazy Floating Point State Restore bug that potentially allows attackers to access information stored in FP (Floating Point), MMX, and SSE register state on computers powered by Intel CPUs.

Provides protections for an additional vulnerability involving side-channel speculative execution known as Lazy Floating Point (FP) State Restore (CVE-2018-3665) for 64-Bit (x64) versions of Windows.

Apart from this security patch, KB4338818 also brings two additional improvements. It updates Internet Explorer’s Inspect Element feature to conform to the policy that disables the launch of Developer Tools. The update also addressed the issue where DNS requests disregard proxy configurations in Internet Explorer and Microsoft Edge.

KB4338818/ KB4338823 issues

Microsoft also notes that these two updates are affected by a few known issues. After installing them, some devices running network monitoring workloads may receive the 0xD1 Stop error. Unfortunately, there is no workaround for this issue, but Microsoft estimates a solution will be available mid-July.

Update KB4338818 may also trigger third-party software issues related to a missing file (oem<number>.inf). More specifically, the network interface controller will stop working but you should be able to quickly fix it by updating your hardware drivers. To do this, open the Device Manager, locate the problematic hardware, select it and then Scan for Hardware Changes from the Action menu.

How to download KB4338818, KB4338823

You can automatically download KB4338818 and KB4338823 via Windows Update. You can also download the stand alone update package from Microsoft Update Catalog website.